Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ls4Oem-R5kRQEyCodbC5cfydUnI.roa
File: ls4Oem-R5kRQEyCodbC5cfydUnI.roa (raw, json)
Hash identifier: xgxnBUrj2AwaHGY45Bkrb3GcJPfnglFeXMBUCp5CYHk=
Subject key identifier: 96:CE:0E:7A:6F:91:E6:44:50:13:20:A8:75:B0:B9:71:FC:9D:52:72
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0188FBE5ECBA1D5873670D989D7515B2616A
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ls4Oem-R5kRQEyCodbC5cfydUnI.roa
Signing time: Tue 27 Jun 2023 08:08:49 +0000
ROA not before: Tue 27 Jun 2023 08:08:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.216.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fb:e5:ec:ba:1d:58:73:67:0d:98:9d:75:15:b2:61:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 27 08:08:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96ce0e7a6f91e644501320a875b0b971fc9d5272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:3f:98:74:42:72:00:f1:90:92:f6:f8:e8:9e:
fc:83:93:7b:98:7e:e7:62:f5:1b:7c:8d:ca:06:e7:
4e:8b:1d:eb:fc:9a:aa:c3:ab:b3:43:25:3a:db:01:
36:91:c6:8f:57:87:d7:63:72:7b:c3:74:6b:05:fa:
de:f2:92:ab:33:27:f9:61:98:a4:5d:90:5a:d0:4e:
d8:ea:f8:10:02:93:34:bf:d3:63:c3:a3:5a:bd:cb:
87:d0:e6:fb:4d:4e:63:07:19:cf:fd:d8:e5:64:ae:
25:13:e1:f0:41:55:63:31:65:a5:c5:bd:39:84:4f:
5c:56:5c:fd:48:1d:05:2d:71:c6:f8:dc:c3:da:6c:
33:5c:1a:f7:a6:8a:83:3c:94:b3:ca:86:10:78:bd:
47:7e:38:c0:49:6f:e9:29:33:7d:a9:46:08:82:8b:
38:91:60:ae:37:89:77:7b:34:0c:da:10:c7:4b:e9:
f1:1a:8b:8f:70:cc:ee:83:fc:d3:b1:ff:05:91:22:
69:21:59:d2:f4:18:42:96:2a:18:52:3d:3b:c4:3e:
9f:e5:ba:37:46:b6:ee:69:f1:01:9d:da:bf:40:4e:
86:19:34:5d:ed:56:c8:e9:b4:f8:b2:9c:e8:a4:c5:
55:67:ec:2a:0e:14:0f:22:5d:95:a5:a7:19:2c:c4:
b4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:CE:0E:7A:6F:91:E6:44:50:13:20:A8:75:B0:B9:71:FC:9D:52:72
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ls4Oem-R5kRQEyCodbC5cfydUnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.209.211.0/24
88.209.216.0/24
Signature Algorithm: sha256WithRSAEncryption
82:d0:89:86:60:4b:7a:05:96:2c:ef:02:eb:cc:f7:f1:1a:68:
33:94:96:85:20:fc:4a:75:f1:ec:82:f4:05:f3:65:e8:bb:a8:
fe:49:81:b2:38:26:31:35:bc:f5:ab:3c:4d:15:89:a0:fa:03:
e5:59:30:70:09:28:4c:fe:3e:56:5f:87:0c:a7:27:64:5e:c4:
df:82:e4:42:d9:a4:bd:f5:20:dc:6e:64:f0:7b:3d:1a:7e:44:
47:69:18:f5:19:fa:0f:53:e0:f2:21:26:0f:64:40:8e:2a:ba:
45:46:92:32:11:87:36:3b:4d:87:f3:3d:e9:3b:fc:eb:57:aa:
67:ce:2f:ae:98:19:92:39:1c:71:76:1e:e7:c4:68:5f:6b:d3:
e8:98:f9:91:3a:ac:e0:14:f2:df:29:56:06:09:bd:69:37:78:
d5:87:37:15:94:49:28:c5:bd:98:64:83:24:4f:0a:49:09:c2:
38:f2:b3:e4:2a:dc:1c:dc:4e:9c:b6:5f:9f:9f:c3:f4:5f:76:
30:3f:38:64:72:cc:04:ce:e1:c9:05:09:fa:63:b3:63:57:84:
5f:15:b2:79:64:96:d2:55:74:11:f4:d3:a3:bf:08:27:44:dc:
ff:88:6f:01:de:19:a1:c2:ad:93:d4:2f:4c:34:dd:02:83:55:
15:f8:35:39
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYj75ey6HVhzZw2YnXUVsmFqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjI3MDgwODQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmNlMGU3YTZmOTFlNjQ0NTAxMzIwYTg3NWIwYjk3MWZjOWQ1MjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0j+YdEJyAPGQkvb46J78g5N7mH7n
YvUbfI3KBudOix3r/Jqqw6uzQyU62wE2kcaPV4fXY3J7w3RrBfre8pKrMyf5YZik
XZBa0E7Y6vgQApM0v9Njw6NavcuH0Ob7TU5jBxnP/djlZK4lE+HwQVVjMWWlxb05
hE9cVlz9SB0FLXHG+NzD2mwzXBr3poqDPJSzyoYQeL1HfjjASW/pKTN9qUYIgos4
kWCuN4l3ezQM2hDHS+nxGouPcMzug/zTsf8FkSJpIVnS9BhClioYUj07xD6f5bo3
RrbuafEBndq/QE6GGTRd7VbI6bT4spzopMVVZ+wqDhQPIl2VpacZLMS0JQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJbODnpvkeZEUBMgqHWwuXH8nVJyMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvbHM0T2VtLVI1a1JRRXlDb2RiQzVjZnlkVW5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWJc4AwQA
WNHTAwQAWNHYMA0GCSqGSIb3DQEBCwUAA4IBAQCC0ImGYEt6BZYs7wLrzPfxGmgz
lJaFIPxKdfHsgvQF82Xou6j+SYGyOCYxNbz1qzxNFYmg+gPlWTBwCShM/j5WX4cM
pydkXsTfguRC2aS99SDcbmTwez0afkRHaRj1GfoPU+DyISYPZECOKrpFRpIyEYc2
O02H8z3pO/zrV6pnzi+umBmSORxxdh7nxGhfa9PomPmROqzgFPLfKVYGCb1pN3jV
hzcVlEkoxb2YZIMkTwpJCcI48rPkKtwc3E6ctl+fn8P0X3YwPzhkcswEzuHJBQn6
Y7NjV4RfFbJ5ZJbSVXQR9NOjvwgnRNz/iG8B3hmhwq2T1C9MNN0Cg1UV+DU5
-----END CERTIFICATE-----
Generated at Sun May 11 20:18:42 2025 by rpki-client